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WHAT IS CLAIMED IS: 

1 . A mtethod for encoding transaction data, the transaction data including account 
PIN data andnon-PIN data, comprising the steps: 

performing a first encryption operation only on the PIN data; and 
performing a second encryption operation on at least the non-PIN data, such that 
the PIN data is cryptographically isolated from the non-PIN data. 

2. The methad of encoding transaction data of claim 1, wherein: 

said first enfcryption operation uses an asymmetrical encryption process; and 
said second encryption operation uses a symmetrical encryption process. 

3. The method of encoding transaction data of claim 2, wherein said symmetrical 
encryption process usejs a secret encryption key and wherein said method includes the 
further step of performing a third encryption operation on said secret encryption key. 

4. The method of encoding transaction data of claim 1 , wherein said second 
encryption process is performed on both the PIN and non-PIN data, such that the 
encrypted PIN data resideslwithin an encrypted envelope generated by the second 
encryption operation. I 

5. The method of encoding transaction data of claim 1, further comprising the steps of: 
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calculating a ijigest by applying a one-way mathematical process to the non-PIN 
data; and 

appending the dJgest to the PIN data blocks for fliture verification of the non-PEST 

data. 

6. A method for decodingWcrypted transaction data, the transaction data including 
account PIN data as well as non-PIN data, comprising the steps: 

performing a first decryption operation to decode the non-PIN data; and 
performing a second decVyption operation to decode the PIN data, wherein said 
second decryption operation is dJfferent fi-om the first decryption operation. 

7. The method of decoding encrw>ted transaction data of claim 6, wherein: 

said first decryption operatio^i uses a symmetrical decryption process; and 
said second decryption operation uses an asymmetrical decryption process. 

8. The method of decoding encrypte^ transaction data of claim 6, fiirther comprising 
the steps: 

calculating a digest by applying ^ one-way mathematical process to the non-PIN 
data; and 

comparing the calculated digest to\a received digest formed with the same one- 
way mathematical process and appended to\the PIN data blocks for verifying the non-PIN 
data. 
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9. A method for enioding account related data comprising the steps: 
analyzing the account related data to identify PE^-related data blocks and non- 

PIN data blocks; 

performing a first erlcryption operation only on said PIN-related data blocks; and 
performing a second encryption operation on at least said non-PIN data blocks. 

10. The method for encoding account related data of claim 9, wherein: 

said first encryption operation uses an asymmetrical encryption process; and 
said second encryption operation uses a symmetrical encryption process. 

1 1 . The method for encodinglaccount related data of claim 1 0, wherein said 
symmetrical encryption process uses a secret encryption key and wherein said method 
includes the fiirther step of perfon^ing a third encryption operation on said secret 
encryption key. 

12. The method for encoding acjpount related data of claim 10, wherein said second 
encryption operation is performed on both the PIN and non-PIN data, such that the 
encrypted PIN data resides within an [encrypted envelope generated by the second 
encryption operation. 

1 3 . The method of encoding accoun^ related data of claim 9, further comprising the 
steps of: 
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calculating a digest by applying a one-way mathematical process to the non-PIN 
data; and 

appending th^ digest to the PIN data blocks to allow for future verification of the 
non-PEN data. 

14. The method of encoding account data of claim 9, wherein the account data is 
associated with a paymerit instrument selected from the group including a credit card, a 
debit card and a "smart" c^d. 

15. A method of transpoding PIN and non-PIN data in a secure electronic transfer, 
comprising the steps: \ 

encrypting only the PIN data using a first encryption process, 
encrypting at least the npn-PIN data using a second encryption process; 
transmitting the encrypt^ PIN and non-PIN data to an authentication requestor, 

said authentication requestor havmg means to decrypt only the non-PIN data; 

transmitting the encrypted PIN data to an authorizing agent for verification; 
decrypting and verifying the PIN data by the authorizing agent; and 
transmitting a notification, from the authorizing agent to the authentication 

requestor, of a verification status of tie PIN data. 

16. The method of transporting PIN and non-PIN data of claim 15, wherein said 
second encryption process is different from the first encryption process; 
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1 17. The method of trknsporting PIN and non-PIN data of claim 1 6, wherein: 

2 said first encryption process is an asymmetrical encryption process; and 

3 said second encryption process is a symmetrical encryption process. 

1 18. The method of transnorting PIN and non-PIN data of claim 1 7, wherein the 

2 asymmetrical encryption process is performed using a public key provided to an account 

3 holder by the authorizing agebt and wherein said decrypting performed by the authorizing 

4 agent is performed using a prwate key associated with the public key. 

I 

1 1 9. The method of transporting PIN and non-PIN data of claim 1 8, wherein said 

2 symmetrical encryption process uses a secret encryption key and wherein said method 

3 includes the fiirther step of performing a third encryption operation on said secret 

4 encryption key. 

1 20. The method of transporting iPIN and non-PIN data of claim 16, fiirther comprising 

2 the steps of: 

3 prior to transmitting the endrypted PIN and non-PIN data, calculating a first digest 

4 by applying a one-way mathematicitl process to the non-PIN data and appending the 

5 digest to the PIN data blocks; and 

6 after transmitting the encryp^d PIN and non-PIN data, calculating a second digest 

7 by applying the same one-way mathematical process to the non-PIN data and comparing 

8 the first digest and second digest to verify the non-PIN data. 
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21. A terminal for ^coding transaction data including account PESf data as well as 

non-PIN data, comprising: 

means for performing a first encryption operation only on the PIN data; and 
means for perfonaing a second encryption operation on at least the non-PIN data, 

such that the PIN data is bryptographically isolated from the non-PIN data. 



22. The terminal for eijicoding transaction data of claim 21 , wherein: 

said first encryption means uses an asymmetrical encryption process; and 
said second encrypmon means uses a symmetrical encryption process. 



23. The terminal for encoping transaction data of claim 21 , further comprising a card 
reader for acquiring at least a portion of the transaction data from a payment instrument. 

24. A system for decoding encrypted transaction data including account PIN data as 
well as non-PIN data, comprismg: 

means for performing attirst decryption operation to decode the non-PIN data; and 
means for performing a second decryption operation to decode the PIN data, 
wherein said second decryption operation is different from the first decryption operation. 



25. The system as defined by claim 24, wherein: 

said first decryption means uses a symmetrical decryption process; and 
said second decryption means uses an asymmetrical decryption process. 



NY02:195I38.1 



-25- 



AP32087-070457.0732 

26. A system for en :oding and transporting PIN and non-PIN data comprising: 

first means for encrypting only the PIN data using a first encryption process; 
second means pr encrypting at least the non-PIN data using a second encryption 

process; 

means for transmitting the encrypted PIN and non-PIN data to an authentication 
requestor, said authenticl^tion requestor having means to decrypt only the non-PIN data; 

means for transmihing the encrypted PIN data to an authorizing agent for 
verification; \ 

means for decryptii^ and verifying the PIN data by the authorizing agent; and 



means for notifying the authentication requestor of a verification status of the PIN 



data. 



27. The system for encoding and transporting PIN and non-PIN data of claim 26, 
wherein said second encryptioh process is different firom the first encryption process 



28. The system for encoding 
wherein: 



and transporting PIN and non-PIN data of claim 27, 



said first encryption means employs an asymmetrical encryption process; and 
said second encryption nieans employs a symmetrical encryption process. 



29. The system for encoding aikl transporting PIN and non-PIN data of claim 27, 
wherein the first encryption mean^uses a public key provided to an account holder by the 
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authorizing agent an(| wherein said decrypting means uses a private key associated with 
the pubhc key. 

30. The system for Encoding and transporting PE^ and non-PIN data of claim 26, 
further comprising: 1 

means for calculating a first digest by applying a one-way mathematical process 
to the non-PIN data andlappending the digest to the PIN data blocks prior to transmitting 
the encrypted PIN and non-PIN data; and 

means for calculating a second digest by applying the same one-way 
mathematical process to ihe non-PIN data and comparing the first digest and second 
digest after transmitting tne encrypted PIN and non-PIN data, to verify the non-PIN data. 



3 1 . The system for enco 
fiirther comprising a card 
data fi"om a payment instruhient, 



ing and transporting PIN and non-PIN data of claim 24, 
rbader for acquiring at least a portion of the PIN and non-PIN 
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